Survive an Impending Audit
Razor thin margin for error, high stakes.
This content requires an active subscription.
Access this content by logging in with your Info-Tech Research Group membership or contacting one of our representatives for assistance.
Your Challenge
- Impending audits intimidate CIOs and business executives – and for good reason.
- A failed audit can result in punitive fines and injunctions that disrupt continuing operations until violations are resolved.
- These highly visible failures are best prevented through auditor-enterprise collaboration and pragmatic audit management.
Our Advice
Critical Insight
- Shift the audit paradigm: auditors need to be enabled, not resisted.
- Auditors provide a value-added service that you are paying for. Establishing an effective relationship and enabling the audit team can ensure you get value from the engagement. However, you must also be vigilant in mitigating the risk of damaging findings.
Impact and Result
- Effective audit management means acting with kindness to establish an effective relationship and taking vigilant, calculated steps to reduce the risk of adverse findings.
- Clarify the audit scope and prepare documentation in advance.
- Start off on a positive note and enable the auditor.
- Manage audit logistics to minimize business disruption.
- Dispute unwarranted findings.
- Continuously improve your auditability.
Contributors
- Glen Notman, Associate Partner, Citihub
- Tony Noblett, SVP CISO, Urban Lending Solutions
- Heriot Prentice, Director of Technology Operations Review, Brown & Brown
- Carter Cameron-Huff, Consultant, Enterprise Risk Services, MNP LLP
Get the Complete Storyboard
See how all the steps you need to take come together, with tools and advice to help with each task on your list.
Download NowGet to Action
-
Prepare staff and management
Plan for a productive audit that will benefit the organization.
-
Conduct the audit
Ensure business continuity and mitigate the risk of damaging findings.
-
Manage post-audit activities
Improve the organization's ability to handle future audits.
Guided Implementation
This guided implementation is a three call advisory process.
-
Call #1: Discuss resource requirements and preparedness for your next audit
-
Call #1: Discuss confirmed audit scope and roles and responsibilities
-
Call #1: Discuss the validity of the findings and calculate compliance cost savings
Guided Implementation #1 - Prepare for the audit
Guided Implementation #2 - Conduct the audit
Guided Implementation #3 - Manage post-audit activities
Onsite Workshop
Module 1: Audit Scoping
The Purpose
- Determine audit team.
- Identify audit scoping plan.
Key Benefits Achieved
- Clear definitions of team member roles and responsibilities.
- Proper audit scoping.
| Activities: | Outputs: | |
|---|---|---|
| 1.1 | Define audit roles and responsibilities |
|
| 1.2 | Develop audit scoping email |
|
Module 2: Audit Preparation
The Purpose
- Gather required documentation.
- Prepare facilities and staff.
Key Benefits Achieved
- Prepared documentation.
- Prepared facilities and staff.
| Activities: | Outputs: | |
|---|---|---|
| 2.1 | Documentation gathering |
|
| 2.2 | Facilities walkthrough and review |
|
| 2.3 | Staff prep tactics |
|
Module 3: Post Audit
The Purpose
- Clarify and remit findings
Key Benefits Achieved
- Downgraded findings
- Clarified recommendations
| Activities: | Outputs: | |
|---|---|---|
| 3.1 | Review auditor report |
|
| 3.2 | Draft follow-up email |
|
Book Your Workshop
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.
Book Now
Search Code: 75645
Published: August 6, 2014
Last Revised: March 30, 2015
